An upcoming ISACA Conference session will shed new light on one of the most consequential cybersecurity events of all time.
In December 2020, a 264-days-long breach was detected in SolarWinds’ Orion software, which at the time was used by more than 30,000 public and private sector customers, including multiple US federal agencies as well as organizations like NATO, the U.K. government, the European Parliament, Microsoft and others. The attack used a backdoor in a SolarWinds library; when a software update occurred, the malicious attack would go unnoticed due to the trusted certificate. It required a team poring over more than 100 terabytes of logs and forensic data to find the source. This has been the most comprehensive and sophisticated known cyberattack to date.
There is much to be learned from this attack so that supply chains, vendors, enterprises, governments, and customers are protected. Rob Clyde, CISM, ISACA board director and past board chair, is a former CEO and CTO who provides board and executive advisory services to cybersecurity software companies. At the ISACA Conference North America 2022 in May, he will be joined by Tim Brown, SolarWinds chief information security officer and vice president for security, for a general session conversation. Learn the steps SolarWinds took upon being alerted to the attack, the partners it deployed to investigate, how the malicious code was found, and the communications strategy enacted to alert stakeholders.
“I’m confident that attendees will find this session with Tim Brown eye-opening and thought-provoking,” Clyde said. “As the SolarWinds CISO, Tim has been on the front line in dealing with this highly publicized incident. This is a unique opportunity for us to hear his observations, advice and outlook on securing supply chains.”
An attack of this magnitude is an opportunity for the industry to reflect on the challenges of combatting aggressive bad actors; the transparency required for vendors to enable and protect business; the workforce gaps that threaten capabilities; and the steps that each enterprise needs to take to ensure that it can avoid and recover from disaster. This session will explore the lessons SolarWinds has learned and the steps they have taken to improve their processes and how those lessons might apply to other organizations.